Greylisting (WAS: gif attachments)
Matt Kettler
mkettler at evi-inc.com
Thu Aug 24 01:43:40 IST 2006
Michele Neylon:: Blacknight.ie wrote:
> John Rudd wrote:
>> a) had no PTR record,
>
> Reasonable enough
>
>> b) PTR and A record didn't match, or
>
> So what about shared hosting??
Should work fine. He's not talking about comparing the PTR to the HELO.
What John really means is that:
Given an IP address, perform a PTR lookup. Take the results of that PTR lookup
and perform an A lookup on it. That should end up with the IP address you
started with.
So he's looking for ip != A_lookup( PTR_lookup(ip))
Even in a shared hosting environment that should always work work. The host-name
you get from the PTR lookup might not match the HELO string, but that is not
what we are checking for here.
ie: 208.39.141.94 connects to you. You perform a PTR lookup, you get
xanadu.evi-inc.com. You do an A record lookup of that and get 208.39.141.
This works correctly, even if the machine is representing itself as
"xanadu.evitechnology.com" in it's HELO (which it doesn't, but it could, as both
domains are identical except in the "all" clause of their SPF records).
More information about the MailScanner
mailing list